From Collaborative RCE Tool Library
Last updated: October 3, 2009
Direct D/L link: http://fyyre.l2-fashion.de/projects/HideToolz.zip
Description: This is version 2.2 of HideToolz. Version 2.1 did not work on Windows Vista SP1 or higher. I have modified the device driver so HideToolz now works on Vista SP1 through Windows 7 RTM.
- - -
HideToolz is a configurable GUI-based utility that allows hiding of RCE tools from annoying detection (such as Themida). It does so with a kernel-mode driver which hooks functions such as NtQueryInformationProcess, NtSetContextThread, NtQuerySystemInformation, NtOpenProcess, NtOpenThread, etc., allowing you to debug 'protected' applications easily.
Protection from Windows hooks
Emulation of parent process (sets parent PID of target PID to explorer.exe).
Anti-Anti debug features.
Runs very stably under Windows XP through Windows 7 (x86 only). Please be aware that some anti-virus products detect the HideToolz driver as a rootkit. This is basically correct, except that HideToolz contains no payload, does not access any network API, etc. If in doubt, disasm the driver yourself.
Here below you will find useful notes about this tool, left by other users.
Windows 7 64bit Error
It seems that on 64bit it does not work :( Driver Load Error: 0xC000036B. Is there any fix for this problem? Thanks
HideToolz does not work under any X64 version of Windows.
Solutions for process hiding under X64 Windows versions are impractical and not worth the effort... =\
Importance of 64 bit compatibility
No offense to the staff that created this tool, but a lot of gamers use your product and most high-end gaming rigs are 64bit OSes to get more out of their system, squeezing that extra 2-4GB of RAM. Though it is unstable to my knowledge. For example, Alienware is one of the leading computers in gaming, and going through customization or pre-made rigs it will only offer 64bit OSes. Also, the average user will not have the money for a virtual machine to use as an alternative to your product. Whether you do work on it is entirely your choice; I'm just putting it out there.
using command line to run the hidetoolz
Is there any way to run the hide process task by command line? For example: if I want to hide the abcde.exe program, just run the command hidetoolz abcde.exe
Re: Importance of 64 bit compatibility
I made x64 hide process tool some months ago:
Link of hidex64 doesn't work. I can't dl it XD. Any other link for it?